Skip to main content
Manage the sessions associated with the authenticated account. The GET endpoint returns two datasets: active sessions (each showing device, IP, and creation time) and a historical log of the last 20 authentication events. The DELETE endpoint lets users remotely sign out of any session other than their current one.

GET /v1/accounts/devices

List active sessions and sign-in history. GET /v1/accounts/devices Requires a Bearer token in the Authorization header.

Example

curl --request GET \
  --url "https://api.nyotaimara.com/v1/accounts/devices" \
  --header "Authorization: Bearer <token>"

Response

success
boolean
required
true when the request succeeded.
data
object
required
Container for both session datasets.
{
  "success": true,
  "data": {
    "activeSessions": [
      {
        "sessionId": "sess_abc123",
        "userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7)...",
        "ipAddress": "102.0.0.1",
        "createdAt": "2024-06-01T08:00:00.000Z",
        "updatedAt": "2024-06-01T12:45:00.000Z",
        "isCurrentDevice": true
      }
    ],
    "history": [
      {
        "id": "log_xyz789",
        "event": "login",
        "status": "success",
        "ipAddress": "102.0.0.1",
        "userAgent": "Chrome on macOS",
        "country": "Kenya",
        "city": "Nairobi",
        "createdAt": "2024-06-01T08:00:00.000Z"
      }
    ]
  }
}

DELETE /v1/accounts/devices/:sessionId

Revoke a specific session. DELETE /v1/accounts/devices/:sessionId Requires a Bearer token in the Authorization header.

Request

sessionId
string
required
The sessionId of the session to revoke. Obtain this value from GET /v1/accounts/devices. You cannot revoke the session that belongs to the token you are currently using.

Example

curl --request DELETE \
  --url "https://api.nyotaimara.com/v1/accounts/devices/sess_abc123" \
  --header "Authorization: Bearer <token>"

Response

success
boolean
required
true when the session was successfully revoked.
message
string
required
Human-readable confirmation.
{
  "success": true,
  "message": "Device successfully logged out."
}
Error cases
StatusErrorDescription
400Use standard logout to end your current session.The sessionId matches the caller’s own active session.
401Missing or invalid Bearer token.
403Session does not belong to this user.The session exists but is owned by a different user.
500Failed to fetch/revoke device activityAn unexpected server-side error occurred.